Lucene search
K

80 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : thunderbird-102.6.0-2.el9.ML.1 (AXSA:2023-5063:07)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5063:07 advisory. Mozilla: Arbitrary file read from a compromised content process CVE-2022-46872 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbir...

9.8CVSS8.5AI score0.00921EPSS
Exploits0References8
nessus
nessus
added 2025/08/07 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-46874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could...

8.8CVSS8.2AI score0.00884EPSS
Exploits0References2
nessus
nessus
added 2023/09/27 12:0 a.m.25 views

Amazon Linux 2 : firefox (ALASFIREFOX-2023-008)

The version of firefox installed on the remote host is prior to 102.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-008 advisory. The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process cou...

9.8CVSS8.4AI score0.00921EPSS
Exploits0References14
nessus
nessus
added 2023/05/03 12:0 a.m.22 views

GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-06 Mozilla Firefox: Multiple Vulnerabilities - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox This bug only affects Thunderbird for Linux...

9.8CVSS8.5AI score0.00921EPSS
Exploits0References24
susecve
susecve
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...

8.8CVSS8AI score0.00884EPSS
Exploits0References10
nessus
nessus
added 2023/01/14 12:0 a.m.24 views

Rocky Linux 8 : firefox (RLSA-2022:9067)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:9067 advisory. - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox This bug only affects...

9.8CVSS8.4AI score0.00921EPSS
Exploits0References13
openvas
openvas
added 2023/01/11 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-5782-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.00892EPSS
Exploits0References3
ubuntu
ubuntu
added 2023/01/10 6:37 a.m.73 views

USN-5782-3: Firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

8.3AI score
Exploits0References1
osv
osv
added 2023/01/05 1:30 p.m.12 views

USN-5782-2 firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

6.1AI score
Exploits0References2
openvas
openvas
added 2023/01/02 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2022-0484)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.7AI score0.00884EPSS
Exploits0References5
osv
osv
added 2022/12/30 10:39 p.m.5 views

MGASA-2022-0484 Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

8.8CVSS9.3AI score0.00884EPSS
Exploits0References4
mageia
mageia
added 2022/12/30 10:39 p.m.52 views

Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

8.8CVSS2.4AI score0.00884EPSS
Exploits0References3
openvas
openvas
added 2022/12/30 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2022:4636-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.5AI score0.00884EPSS
Exploits0References2
osv
osv
added 2022/12/29 1:2 p.m.4 views

SUSE-SU-2022:4636-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to version 102.6.1 fixed: Remote content did not load in user-defined signatures fixed: Addons that added new action buttons were not shown for addon upgrades, requiring removal and reinstall fixed: Various stability improvemen...

8.8CVSS9.4AI score0.00884EPSS
Exploits0References3
openvas
openvas
added 2022/12/29 12:0 a.m.23 views

Mozilla Thunderbird Security Advisories (MFSA2022-54, MFSA2022-54) - Mac OS X

Thunderbird is prone to a file extension manipulation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS8.7AI score0.00884EPSS
Exploits0References1
altlinux
altlinux
added 2022/12/29 12:0 a.m.20 views

Security fix for the ALT Linux 10 package thunderbird version 102.6.1-alt1

102.6.1-alt1 built Dec. 29, 2022 Pavel Vasenkov in task 312281 Dec. 23, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions...

9.5AI score0.00884EPSS
Exploits0
altlinux
altlinux
added 2022/12/23 12:0 a.m.108 views

Security fix for the ALT Linux 10 package thunderbird version 102.6.0-alt1

102.6.0-alt1 built Dec. 23, 2022 Pavel Vasenkov in task 311857 Dec. 16, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-4687...

9.3AI score0.00921EPSS
Exploits0
nessus
nessus
added 2022/12/23 12:0 a.m.24 views

Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2022-355-01)

The version of mozilla-thunderbird installed on the remote host is prior to 102.6.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-355-01 advisory. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious...

8.8CVSS8.4AI score0.00884EPSS
Exploits0References1
osv
osv
added 2022/12/22 8:15 p.m.2 views

DEBIAN-CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...

8.8CVSS8.2AI score0.00884EPSS
Exploits0References1
osv
osv
added 2022/12/22 8:15 p.m.6 views

CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...

8.8CVSS8.6AI score
Exploits0References7
Rows per page
Query Builder